Have a Network layed out like this:
The Powerconnect switch 18 VLANs on it. The server in question is connected to a switchport on the Powerconnect with setup as an access port with VLAN assignment. The uplink from the powerconnect to the 3750 is a trunk. My goal is to rate limit the bandwidth coming from the server going out to internet (connected to a L3 port on the 3750). From my reading a service policy should have been able to handle this (also read didn't work on egress interfaces). As such I setup an ACL:
ip access-list extended Rate_Limiter_ACL
permit ip host x.x.x.22 any
Setup a class map:
class-map match-all Rate_Limiter_Map
match access-group Rate_Limiter_ACL
Created policy map to rate-limit (Police):
police 2400000 65536 exceed-action drop
Applied service-policy to the TRUNK interface connecting to the powerconnect as the outbound traffic from the server should be ingress to the trunk interface on the 3750.
service-policy input Rate_Limiter_Map
Problem is, rate is not limited often times spikes to 7+ Mbps.
Am I misunderstanding the way policing works? Is something configured wrong?
I tried switching the access-list's source and destination and that did not help either.
sho policy-map int g1/0/20 shows the policy and class applied to the interface but nothing is getting matched, not even in the "class-default". Does a class-default have to be configured even if it is for all other traffic for the policy map to work?
Any help is appreciated.